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In this paper we address the decision problem for a fragment of set theory with restricted quan- 
tification which extends the language studied in ID with pair related quantifiers and constructs, in 
view of possible applications in the field of knowledge representation. We will also show that the 
decision problem for our language has a non-deterministic exponential time complexity. However, 
for the restricted case of formulae whose quantifier prefixes have length bounded by a constant, the 
decision problem becomes NP-complete. We also observe that in spite of such restriction, several 
useful set-theoretic constructs, mostly related to maps, are expressible. Finally, we present some 
undecidable extensions of our language, involving any of the operators domain, range, image, and 
map composition. 

1 Introduction 

The intuitive formalism of set theory has helped providing solid and unifying foundations to such diverse 
areas of mathematics as geometry, arithmetic, analysis, and so on. Hence, positive solutions to the 
decision problem for fragments of set theory can have considerable applications to the automation of 
mathematical reasoning and therefore in any area which can take advantage of automated deduction 
capabilities. 

The decision problem in set theory has been intensively studied in the context of Computable Set 
Theory (see ||5l|9l[T8l), and decision procedures or undecidability results have been provided for several 
sublanguages of set theory. Multi-Level Syllogistic (in short MLS, cf. |[T2l ) was the first unquantified 
sublanguage of set theory that has been shown to have a solvable satisfiability problem. We recall that 
MLS is the Boolean combinations of atomic formulae involving the set predicates G, C, =, and the 
Boolean set operators U, fl, \. Numerous extensions of MLS with various combinations of operators 
(such as singleton, powerset, unionset, etc.) and predicates (on finiteness, transitivity, etc.) have been 
proved to be decidable. Sublanguages of set theory admitting explicit quantification (see for example 
H [161 [17] |6l) are of particular interest, since, as reported in [4], they allow one to express several set- 
theoretical constructs using only the basic predicates of membership and equality among sets. 

Applications of Computable Set Theory to knowledge representation have been recently investigated 
in m |6l, where some interrelationships between (decidable) fragments of set theory and description 
logics have been exploited^ As knowledge representation mainly focuses on representing relationships 
among items of a particular domain, any set-theoretical language of interest to knowledge representation 
should include a suitable collection of operators on multi-valued maps. H 
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' We recall that description logics are a well-established framework for knowledge representation; see (TJ for an introduction. 
^According to II9I . we use the term 'maps' to denote sets of ordered pairs. 
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Non-deterministic exponential time decision procedures for two unquantified fragments of set theory 
involving map related constructs have been provided in lITSlfTOl . As in both cases the map domain opera- 
tor is allowed together with all the constructs of M LS, it turns out that both fragments have an ExpTlME- 
hard decision problem (cf. Q). On the other hand, the somewhat less expressive fragment MLSSj^ has 
been shown to have an NP-complete decision problem in |[7], where MLSS2„, is a two-sorted language 
with set and map variables, which involves various map constructs like Cartesian product, map restric- 
tions, map inverse, and Boolean operators among maps, and predicates for single-valuedness, injectivity, 
and bijectivity of maps. 

In m, an extension of the quantified fragment Vq (studied in the same paper — here the subscript '0' 
denotes that quantification is restricted) with single-valued maps, the map domain operator, and terms of 
the form f{t), with t a function-free term, was considered. We recall that Vo-formulae are propositional 
combinations of restricted quantified prenex formulae (Vyi G zi) • • • (Vj„ S Zn)p , where p is a Boolean 
combination of atoms of the types x G y, x = y, and quantified variables nesting is not allowed, in the 
sense that any quantified variable yi can not occur at the right-hand side of a membership symbol € in 
the same quantifier prefix (roughly speaking, no zj can be a yt). More recently, a decision procedure 
for a new fragment of set theory, called Vq, has been presented in [|6|. The superscript "k" denotes the 
presence of operators related to ordered pairs. Formulae of the fragment Vq, to be reviewed in Section 
m involve the operator 7r(-), which intuitively represents the collection of the non-pair members of its 
argument, and terms of the form [x,y], for ordered pairs. The predicates = and G allowed in it can occur 
only within atoms of the forms x = y,x ^ ^(3')^ and [x,y] G z; quantifiers in Vj-formulae are restricted to 
the forms {\/x G 7i{y)) and (V[a;, G z), and, much as in the case of the fragment Vq, quantified variables 
nesting is not allowed. 

In this paper we solve the decision problem for the extension Vq 2 of the fragment Vq with ordered 
pairs and prove that, under particular- conditions, our decision procedure runs in non-deterministic poly- 
nomial time. Vq 2 is a two-sorted (as indicated by the second subscript "2") quantified fragment of set 
theory which allows restricted quantifiers of the forms (V;c G y), {3x G y), {y[x,y] G /), G /), 

and literals of the forms x G [x,y] ^ f, x = y, f = g, where x, y are set variables and /, g are map 
variables. Considerably many set-theoretic constructs are expressible in it, as shown in Table [T] In fact, 
the language Vq2 is also an extension of MLSSjn,. However, as will be shown in Section |5l it is not 
strong enough to express inclusions Uke x C dom(/), x CI range(/), x C f[y], and h (1 f o g, but only 
those in which the operators domain, range, (multi-)image, and map composition are allowed to appear 
on the left-hand side of the inclusion operator C. 

The paper is organized as follows. Section |2] provides some preliminary notions and definitions. In 
Section [3] we give the precise syntax and semantics of the language Vq 2. Decidability and complexity of 
reasoning in the language Vq2 are addressed in SectionH] Some undecidable extensions of Vq2 then 
presented in Section [51 Finally, in Section [6] we draw our conclusions and provide some hints for future 
works. 

2 Preliminaries 

We briefly review basic notions from set theory and introduce also some definitions which will be used 
throughout the paper. 

Let SVars =^^f {x,^,^, . . .} and MVars =Q^f {f,g,h, . . .} be two infinite disjoint collections of set and 
map variables, respectively. As we will see, map variables will be interpreted as maps (i.e., sets of 
ordered pairs). We put Vars =j^^f SVars U MVars. For a formula (p, we write Vars{(p) for the collection of 
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Table 1 : Set-theoretic constructs expressible in Vq 



variables occumng free (i.e., not bound by any quantifier) in (p, and put SVars{(p) =^^f Vars{(p) nSVars 
and MVars{(p) =jj^fVars((p)nMVars. 

Semantics of most of the languages studied in the context of Computable Set Theory are based on 
the von Neumann standard cumulative hierarchy of sets Y, which is the class containing all the pure sets 
(i.e., all sets whose members are recursively based on the empty set 0). The von Neumann hierarchy Y 
is defined as follows: 

=^^^ ^{fy), for each ordinal 7 
fx =Dcf U^<A ) for s^ch hmit ordinal A 

where ^i-) is the powerset operator and On denotes the class of all ordinals. The rank rank(M) of a set 
M G is defined as the least ordinal 7 such that u e Yy. We will refer to mappings from Vars to T as 
assignments. 

Next we introduce some notions related to pairing functions and ordered pairs. Let 7r(-, •) be a binary 
operation over the universe Y. The Cartesian product u x ;j v of two sets u,v ^y, relative to 71, is defined 
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as u Xj^v =Q^t {n{u',v') : m' G m Av' G v}. When it is clear from the context, for the sake of conciseness 
we will omit to specify the binary operation n and simply write ' x ' in place of ' x ' . A binary operation 
n over sets in Y is said to be a pairing function if 

(i) n{u,v) = n{u' ,v') <J=^ M = m' A V = v' , for all m,m',v,v' G and 

(ii) the Cartesian product u xv (relative to n) is a set of Y, for all u,v ^Y. 

In view of the replacement axiom, condition (ii) is obvioulsy met when k{u,v) is expressible by a set- 
theoretic term. This, for instance, is the case for Kuratowski's ordered pairs, defined by nKur{u,v) =De{ 
{{m}, {m, v}}, for all u,v G Y. Given a pairing function 7i and a set s, we denote with Pairs;r(5) the col- 
lection of the pairs in s (with respect to n), namely Pairs;^!'*) =Dcf {u ^ s : (3vi,V2 ^Y){u = 7r(vi,V2))}. 

A pair-aware interpretation I = {M' ,71^) consists of a pairing function and an assignment M' 
such that PairSjj/ (M^/) = M^f holds for every map variable / G MVars (i.e., map variables can only 
be assigned sets of ordered pairs, or the empty set). For conciseness, in the rest of the paper we will 
refer to pair-aware interpretations just as interpretations. An interpretation / = (M^,7r') associates sets 
to variables and pair terms, respectively, as follows: 

fx = M'x 

I[x,y] =^^, n'{Ix,Iy), ^ ^ 

for all x,y £ Wars. Let W C Wars be a finite collection of variables, and let M,M' be two assignments. We 
say that M' is a W -variant of M if Mx = M'x for all x G Vars \ W . For two interpretations / = (M^, n') 
and J = {M\ 71'^), we say that 7 is a W-variant of / if M'^ is a W-variant of and 71'' = . 
In the next section we introduce the precise syntax and semantics of the language Vq 



3 The language Vq 2 

The language consists of the denumerable infinity of variables Vars = SVarsU MVars, the binary 
pairing operator [•,•], the predicate symbols G,=, the Boolean connectives of propositional logic -■, 
A, V, — >, parentheses, and restricted quantifiers of the forms (Vjc G y), (V[;c,j] G /), {3x G y), and 
(3[;ic, G /). Atomic Vq 2 -formulae ai^e expressions of the following four types 

x^y, x=y, [x,y]ef, f = g, (2) 

with x,y G SVars and f^gG MVars. Quantifier- free -formulae are propositional combinations of 
atomic Vq 2-formulae. Prenex Vq 2 -formulae are expressions of the following two forms 

(V.X1 G zi) . . . (Vjcft G z/OlVl^c/i+hW+i] e fh+\) ■ ■ ■ (y[xn,yn] e f„)5 , (3) 
(3x1 G zi) . . . {3xh G Zh){3[xh+i,yh+i] G fh+i) ■ ■ ■ {3[x„,y„] G , (4) 

where Xi,yi,Zi G SVars, fj G MVars, and 5 is a quantifier-free Vq 2"forrnul^- We will refer to the variables 
Zi,... ,Zh as the domain variables of the formulae ^ and Notice that quantifier-free VQ2"formulae 
can also be regarded as prenex VJ 2-formulae with an empty quantifier prefix. A prenex Vq 2 -formula 
is said to be simple if nesting among quantified variables is not allowed, i.e., if no quantified variable 
can occur also as a domain variable. Finally, Vq 2 -formulae are Boolean combinations of simple-prenex 
Vq 2-formulae. 

Semantics of Vq 2-formulae is given in terms of interpretations. An interpretation / = {M',n') 
evaluates a VQ2-formula (p into a truth value I(p G {true, false} in the following recursive manner. 
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First of all, interpretation of quantifier-free Vq j'foi'i^ulae is carried out following the rules of propo- 
sitional logic, where atomic formulae Q are interpreted according to the standard meaning of the pred- 
icates e and = in set theory and the pair operator [•,•] is interpreted as in ([T]l- Thus, for instance, 
/([^Cjj] e / — > :t € j) = true, provided that either n^{Ix,Iy) ^ // or Ix £ ly. Then, evaluation of simple- 
prenex VJ 2-formulae is defined recursively as follows: 

• /(V;c € z)<p = true, provided that J(p = true, for every {;c}-variant J of I such that Jx G 7z; 

• /(V[x,3;] £f)(p = true, provided that J(p = true, for every {jc,3;}-variant J of I such that J[x,y] G Jf; 

• I{3x G z)(p = true, provided that /(Vjc G z)^(p = false; and 

• /(3[;c, G f)(p = true, provided that I{y[x,y] G /)-•<?> = false. 

Finally, evaluation of VQ2-formulae is carried out following the rules of propositional logic. 

If an interpretation / evaluates a Vgj-formula to true we say that / is a model for (p (and write 
I \= (p). A Vq 2-formula <p is said to be satisfiable if and only if it admits a model. Two Vq 2"fo™ul^^ 
are said to be equivalent if they have exactly the same models. Two 2-formulae <p and (p' are said to 
be equisatisfiable provided that <p is satisfiable if and only if so is (p' . The satisfiability problem (s.p., for 
short) for the theory Vq 2 is the problem of establishing algorithmically whether any given Vq 2-formula 
is satisfiable or not. 

By way of a simple normaUzation procedure based on disjunctive normal form, the s.p. for Vq2" 
formulae can be reduced to that for conjunctions of simple-prenex VJ 2-formulae of the types (O and Q. 
Moreover, since any such conjunction of the form 

V^A(3xi Gzi)...(3x/, ezh){3[xh+i,yh+i\ G//i+i)---(3[x„,3;„] G 

is equisatisfiable with A where 5^ is obtained from the quantifier-free formula 

h n 

s+ =Def A ^^'^ A i^j^yj] ^fj^^ 

i=l j=h+l 

by a suitable renaming of the (quantified) variables x\,... ,Xn,yh+\ ,yn, it turns out that the s.p. for 
Vq 2-formulae can be reduced to the s.p. for conjunctions of simple-prenex Vq 2-formulae of the type (|3]l 
only, which we call normalized \lQ2''^onjunctions. 

Satisfiability of normalized Vq 2 -conjunctions does not depend strictly on the pairing function of the 
interpretation, provided that suitable conditions hold, as proved in the following technical lemma. 

Lemma 1. Let (p be a normalized \/'^ 2'Conjunction, and let I and J be two interpretations such that 

(a) Ix = Jx, for all X SVars, 

(b) k'{u,v) G // n-'{u,v) G Jfjor all u,v and f G MVars. 
Then I \= (p J \= 9- 

Proof. It is enough to prove that 

I^Y ^ Jh¥ (5) 

holds, for every (universal) simple-prenex conjunct occurring in (p. We shall proceed by induction on 
the length of the quantifier prefix of Y- We begin with observing that, by |(a)[ / and / evaluate to the same 
truth values all atomic formulae of the types x £y and x = y, for all x,y £ SVars. Likewise, 

Ihf = 8^Jhf = g and I^[x,y]ef ^ J^[x,y]Gf 
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follow directly from |(a)| and 
of its quantifier prefix is 0. 

Next, let ijf = (Vx G y)yifo, for some x,y € SVars, where \ffo is a universally quantified simple-prenex 
Vq 2-formula with one less quantifier than y and containing no quantified occuiTcnce of y. We prove that 
/„ is a model for \j/o if and only if so is 7„, for every u ^ ly = Jy, where /„ and 7„ denote, respectively, 
the {;c}-variants of / and J such that luX = J^x = u. But, for each u £ ly = Jy, /„ and 7„ satisfy conditions 
|(a)| and [(b)] of the lemma, so that, by inductive hypothesis, we have /„ |= Xjfo Ju 1= W^- Hence 

/ ^ (V;c G y)\lfQ ^ / ^ (V;c G y)\lfQ. 

The case in which i/a = (V[.x,y] G /) V^o> with x,y G SVars, f G MVars, and i/Zq a universally quantified 
simple-prenex Vq j-formula containing no quantified occurrence of x and y, can be dealt with much in 
the same manner, thus concluding the proof of the lemma. □ 

In the following section we show that the s.p. for normalized 2 -conjunctions is solvable. 



(b) Thus ([5]) follows easily when i//^ is quantifier-free, i.e., when the length 



4 A decision procedure for Vq 2 

We solve the s.p. for Vq j-formulae by reducing the s.p. for normalized Vo2-conj unctions to the s.p. for 
the fragment of set theory Vq, studied in |[6l. Following ||6l, Vq -formulae are finite conjunctions of 
simple-prenex y ^-formulae, namely expressions of the form 

(yxi G 7r(zi)) . . . i^xf, G 7i{zh))0^[xh+i,yh+i] e Zh+i) ■ ■ ■ (V[x„,3;„] g z„)5, 

where Xi,yi,Zi G SVars, for / = 1, . . . ,n, no domain variable Zi can occur quantified, and 5 is a quantifier- 
free Boolean combination of atomic formulae of the types x G 7t{z), [x,y] £ z,x = y, with x,y,z G ^Var^H 
Intuitively, a term of the form 7r(z) represents the set of the non-pair members of z- Notice that Vq- 
formulae involve only set variables. 

Semantics for VJ-formulae is given by extending interpretations also to terms of the form 7i{x) as 
indicated below: 

=Def^-^\PairS;j;(/jc), 

where x G SVars. Evaluation of Vq -formulae is earned out much in the same way as for VJ 2-formulae. 
In particular, we also put /(Vx G Ti{y))(p = true, provided that J(p = true, for every {x}-variant 7 of / 
such that Jx G lTi{y)- 

We recall that satisfiability of Vq -formulae can be tested in non-deterministic exponential time. Ad- 
ditionally, the s.p. for Vq -formulae with quantifier prefixes of length at most h, for any fixed constant 
/z > 0, is NP-complete (cf. i6J). 

The s.p. for normalized Vq 2 -conjunctions can be reduced to the s.p. for VJ-formulae. To begin with, 
we define a syntactic transformation t(-) on normalized Vq 2-conjunctions. More specifically, T(<p) is 
obtained from a given normalized Vj2-conjunction <p by replacing 

• each restricted universal quantifier (Vx G y) in (p by the quantifier (Vx G 7r(y)), 

• each atomic formula x G y in <p by the literal x £7i{y), and 

• each map variable / occurring in (p by a fresh set variable Xf, thus identifying an application 
f \-^Xf from MVars{(p) into SVars, which will be referred to as map-variable renaming for T(<p). 

^Thus, normalization is already built-in into VJ-formulae, and we could have called them normalized ^^-conjunctions. 
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Thus, for instance, if 

(p = (yx' ex){[x,x] €f)A{y[x',y']ef){x=y'Ax'ex) 

then 

t(9) = (Vx' G 7t{x)){[x,x] exj) A(V[y,y] Gx/)(x'=yAx' G 7t{x)) , 

where x^ is a set variable distinct from x, x', and y'. 

The following lemma provides a useful semantic relation between universal simple-prenex Vjj- 
formulae and their corresponding Vq -formula via t. 

Lemma 2. Let \\f be a universal simple-prenex VQ2-/onMM/a and let I = {M^ ,7i') be an interpretation 
such that 

(i) PairSjj;({/x : x G SVars{\lf)}) = (i.e., Ix is not a pair, for any free variable x ofxj/), and 

( ii) PairS;;;; (Ix) = 0, for every domain variable x of Y- 
Then I \= Y if and only if I \= t(i/a). 

Proof. We proceed by induction on the quantifier prefix length i>0 of the formula Y- To begin with. 



we observe that in force of (i) we have Ix G ly if and only if Ix G l7t{y), for any two free variables x and 
y of i/A, so that, given any atomic formula a involving only variables in SVars{Y), / |= a if and only if 
/ 1= z{a). Hence the lemma follows directly from propositional logic if y is quantifier-free, i.e., i = 0. 

Next, let Y = (Vx G y)Yo^ where Yo is a universal simple-prenex Vq j-formula with £—1 quantifiers, 
x,y are set variables occurring neither as domain nor as bound variables in Yo- Observe that, by |(ii)[ 



ly = In{y), since j is a domain variable of Y- Thus it will be enough to prove that 

lu N Wo 4 N t:{Wo) (6) 

holds for every {x}-variant /„ of / such that /„x = u, with u G ly. But /„x can not be a pair (with respect 
to the pairing function n'), as it is a member of ly and y is a domain variable of (p. Thus Q follows by 
applying the inductive hypothesis to Yo and to every interpretation /„ such that u G ly. 

Finally, the case in which y = (Vixjj] G f)Yo^ where Yo is a universal simple-prenex Vq j-formula, 
x,y are set variables not occurring as domain variables in Yo, and / is a map variable, can be dealt with 
much in the same way as the previous case, and is left to the reader. □ 

In the following theorem we use the transformation t(-) to reduce the s.p. for normalized Vqj- 
conjunctions to the s.p. for Vq -formulae. 

Theorem 1. The s.p. for normalized \/^2-conjunctions can be reduced in linear time to the s.p. for Vq- 
formulae, and therefore it is in NExpTlME. 

Proof. We prove the theorem by showing that, given any normalized VJ 2 -conjunction y, we can con- 
struct in linear time a corresponding Vj-formula y' which is equisatisfiable with Y- 

So, let 1// be a normalized Vq 2 -conjunction and let / i-> xj be the map-variable renaming for t{y). 
We define the corresponding Vg-formula y' as follows: 

A (V[x,y]Gz)(x/x)A A (VxG7r(x/))(x/x)A /\ (zG7r(U)), 

zeSVars{\l/) feMVars{\l/) zeSVars{\l/) 



where U is a fresh set variable. Plainly, the size of y' is linear in the size of Y- 
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Let us first assume that y' admits a model J = {M^ , 7f^). For each z G SVars{Y) we have PairS;jy [Jz] = 
0, as 7(V[;c,>'] ^ z){x ^ x) = true, for z € SVars{Y)- Likewise, for each / £ MVars{Y) we have Jxf = 
Pairs^y {Jxf), as J{\/x € 7i{xf)){x y^x) = true, for / G MVars{Y)- Finally, for each x € SVars{Y)' we have 
Jx G 7U \PairS;jy(7U), so that PairS;;./({7x : x G SVars{\i/)}) = 0- We define / as the MVari'(vA) -variant of 
J such that // = Jxf, for / G MVars{\l/)- Plainly, / |= so that, by Lemma|2l / ^ i//^ as well. 

For the converse direction, let / = {M' , n^) be a model for We shall exhibit an interpretation J' 
which satisfies i//^'. To begin with, we define a new pairing function by putting 

K-'iu^v) =Drf{;rKur(",v),{D^}}, 

for every u,v G where TiKur is the Kuratowski's pairing function and {Ix : x G SVars{\ir)}. 

Then we define M'' as the MVar5(i//) -variant of the assignment such that f = {n^ {u,v) : u,v G 
1^ and n\u,v) G M^f}, for each / G MVari'(vA). From Lemma[Tl it follows that the interpretation J = 
{M^n^) satisfies i//^. Moreover, we have 

Pairs^y(7z)=0, (7) 

for each z G SVars{\ir). Indeed, if for some m, v G and z G SVars^yif) we had 7i\u,v) G Jz, then 

izeD^e {D^} G {7rKur(M,v),{D^}} = 7r'{u,v) eJz = lz, 

contradicting the regularity axiom of set theory. Next, let W =D^f {xf : f £ MVars{Y)}U {U} and let J' 
be the W-variant of /, where J'xf = Jf, for / G MVars{Y), and 7'U = {7z : z G SVars{\j/)} . In view of 
(|7]), it is an easy matter to verify that 

J'h<¥)- (8) 
From (O, we have immediately that Pairs ^^y/ (J'z) = 0, so that 

/N A (V[x,j]Gz)(x^^). (9) 

zeSVars{\ir) 

Likewise, by reasoning much in the same manner as for the proof of (|7]), one can prove that 

A (VxG7r(xy))(x/x)A A (ze7r(U)). (10) 

feMVars{\l/) zeSVars{\l/) 

From ([8]), Q, and (ITOl ). it follows at once that J' \= \lf', completing the proof that y and y' equisatis- 
fiable. 

Since the s.p. for Vq -formulae is in NExpTlME, as was shown in Section 3.1], it readily follows 
that the s.p. for normalized Vo2-conj unctions is in NExpTlME as well. □ 

Corollary 1. The s.p. for \/q 2-formulae is in NExpTlME. 

Proof. Let <p be a satisfiable 2-formula. We may assume without loss of generality that all existential 
simple-prenex Vq 2-formulae of the form (01) have already been rewritten in terms of equivalent universal 
simple-prenex Vq 2-forniulae of the form Q, so that (p is a propositional combination of universal simple- 
prenex Vq 2"foi'i^ulae. In addition, by suitably renaming variables, we may assume that all quantified 
variables in <p are pairwise distinct and that they are also distinct from free variables. 

Let £(p = {y\ , . . . , I//,,} be the collection of the universal simple-prenex VJ j-formulae occurring in (p. 
By traversing the syntax tree of (p, one can find in linear time the propositional skeleton P(p of (p and a 
substitution a from the propositional variables pi , . . . , p„ of into £(p, such that P(pG = (p, where P^cr is 
the result of substituting each propositional variable p, in by the universal simple-prenex Vq 2-formula 
a(p,). Then to check the satisfiability of <p one can perform the following non-deterministic procedure: 
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• guess a Boolean valuation v of the prepositional variables pi , . . . , p„ of Pip such that v{P(p) = true; 

• form the VQ2-conjunction 

/\ a(p,) A /\ -a(p,); (11) 

v(p,)=true v{p,)=false 

• transform each conjunct 

-■(Vxi GZi)...(VxA eZh)i^[xh+Uyh+l] & fh+l)---i^[x„,yn] &fn)S 

of the form -'Cj(p,) in ([TTI ). where v{pi) = false, into the equisatisfiable formula 

h n 

/\xieziA /\ [xj,yj]efjA^5. 

i=l i=h+\ 

Let (p' be the normalized Vq 2 -conjunction so obtained. Plainly, (p' — > 9 is satisfied by any inter- 
pretation. 

• Check that (p' is satisfiable by a NExpTlME procedure for normalized Vq 2 -conjunctions (cf. The- 
orem [T]). 

Since (p' can be constructed in non-deterministic linear time, the corollary follows. □ 

Next we consider (Vq 2) -''-formulae, namely Vq 2-formulae whose simple-prenex subformulae have 
quantifier-prefix lengths bounded by the constant > 0. By reasoning much as in the proofs of Theorem[T] 
and Corollary [H it is immediate to check that the s.p. for (Vq 2) -''-formulae can be reduced in non- 
deterministic linear time to the s.p. of (VQ)-''-formulae, and thus, by ||6l Corollary 4], it can be decided 
in non-deterministic polynomial time. On the other hand, it is an easy matter to show that the s.p. for 
(Vq 2) -''-formulae is NP-hard. Indeed, given a propositional formula Q, consider the (Vq 2) -"-formula 

obtained from Q by replacing each propositional variable p in 2 with the atomic Vq 2-formula Xp € X, 
where X and the Xp's are distinct set variables. Plainly, Q is propositionally satisfiable if and only if the 
Vq 2-formula is satisfiable. The following lemma summarizes the above considerations. 

Lemma 3. For any integer constant h>0, the s.p. for (Vq 2)-''-/onMM/ae is NP -complete. □ 

It is noticeable that, despite of the large collection of set-theoretic constructs which are expressible 
by Vq 2-formulae (see Table [U, some very common map-related operators like domain, range, and map 
image can not be expressed by Vq 2"foi'niul^c in full generality, but only in restricted contexts. In the next 
section we prove that dropping any of such restrictions triggers undecidability. 

5 Some undecidable extensions of 

In this section we prove the undecidability of any extension of Vq 2 which allows one to express literals of 
the form x C dom(/). As we will see, analogous undecidability results hold also for similar extensions 
of Vq 2 in the case of other map related constructs such as range, map image, and map composition. Our 
proof will be carried out via a reduction of the Domino Problem, a well-known undecidable problem 
studied in 121 (see also Q), which asks for a tiling of the quadrant N x N subject to a finite set of 
constraints. 
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Definition 1 (Domino problem). A domino system is a triple B = {D,H,V), where D = {di,. .. ,di} is a 
finite nonempty set of domino types, and H and V, respectively the horizontal and vertical compatibility 
conditions, are two functions which associate to each domino type d (zD a subset ofD, respectively H{d) 
andV{d). 

A tiling t for a domino system ID = {D,H,V) is any mapping which associates a domino type in D 
to each ordered pair of natural numbers in N x N. A tiling t is said to be compatible ;/ and only if 
t[m + l,n] € H{t[m,n]) and t[m,n + 1] G V{t[m,n]) for all n,m £N. The domino problem consists in 
determining whether a domino system admits a compatible tiling. □ 

In order to reformulate the domino problem in set-theoretic terms, we make use of the following 
set-theoretic variant of Peano systems (see, for instance, [iW]). 

Definition 2 (Peano systems). Let n be a pairing-function and let J^,2f,S^ be three sets in the von 
Neumann hierarchy of sets. The tuple S = J^,7r) is said to be a Peano system if it satisfies the 

following conditions: 

(PI) jV is a set to which belongs; 

(P2) 5^ C ^tzJV is a total function over JV , i.e., a single-valued map with domain ^ ; 

(P3) 5^ is injective; 

(P4) is not in the range of J/'; 

(P5) for each X C ^ the following holds: 

{2f £XA{yn£j^){neX — >S^neX)) — >X = yl^. 

The first Peano system was devised by G. Peano himself . It can be characterized as §o = {^,'^0,®, ^Kur), 
where ^ is the minimal set containing the empty set and satisfying (Vm G ^){{u} G and is 
the relation over ^ such that 7rKur(")V) G J^o if and only if u G vO 

The domino problem can be easily reformulated in pure set-theoretic terms. To this purpose, we 
observe that any tiling t for a domino system induces a partitioning of the integer plane N x N, as it 
associates exactly one domino type to each pair {n,m) G N x N. Hence, given a domino system D = 
{{di ,d('},H,V), the domino problem for D can be expressed in set-theoretic terms as the problem of 
deciding whether there exists a partitioning P = (Ai , . . . ,A() of ^ x jV , for some fixed Peano system 
S = (^,^, J^,7r), such that for all m,v,m',v' G , and for all I < i,j < i such that 7i{u,v) G A,- and 
n{u',v') eAj, 

(DI) if 7i{u,u') G ^ (i.e., u' is the successor of u) and v = v' then dj G H{di), and 
(D2) if 7i{v,v') G y (i.e., v' is the successor of v) and u = u' then dj G V{di). 

Notice that from the properties of Peano systems it follows that if a domino system B admits a 



compatible tiling t then we can construct a partitioning of the integer plane which satisfies [(Dl)| and [(D2) 
however the Peano system is chosen. 

All instances of the domino problem can be formalized with normalized Vj2-conjunctions extended 
with two positive literals of the form x C dom(/), with x G SVars and / G MVars, where the obvious 
semantics for the operator dom(-) is /(dom(/)) =Q^f {u £ Y : [u,v] G //, for some v G Y} , for any 
interpretation /. In view of the undecidability of the domino problem, this yields the undecidability of 
the s.p. for the class Vjj^'^"'" of normalized VJj-conjunctions extended with two positive literals of the 
form;c C dom(/), proved in the following theorem. 



In the original definition the pairing function was not specified. 
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Theorem 2. The s.p. for Vq 2^*^°"^, namely the class of normalized \/q 2'Conjunctions extended with two 
positive literals of the form x C dom(/), is undecidable. 

Proof. Let B = {D,H,V), with D = {di , . . . ,de}, be a domino system. We will show how to construct 
in polynomial time a formula (po of Vq 2^^°"^ which is satisfiable if and only if there exists a partitioning 



of the integer plane which satisfies conditions |(D1)| and |(D2)[ so that the undecidability of the s.p. for 
^02^'^°'" ^^^^ follow directly from the undecidability of the domino problem. 

Let N, Z be two distinct set variables, and let S be a map variable. In addition, let Qi, . . . be 
pairwise distinct map variables, which are also distinct from S. These are intended to represent the 
blocks of the partition of the integer plane induced by a tiling. To enhance the readability of the formula 
(pB we are about to construct, we introduce some abbreviations which will also make use of some map 
constructs defined in Table [T] To begin with, we put 

partition(Qi,...,Qf;N x N) =0,, N x N C Qi u...uQf A /\ (Q,n Qy = 0) . 

¥j 

Plainly, for every inteipretation L we have / \= partition(Qi , . . . , Qf, N x N) if and only if (/Qi , . . . ,lQe) 
partitions /(N x N). Next we define the formulae hor, and ver,-, for / = which will encode 

respectively the horizontal and the vertical compatibility constraints: 

hor; =i,rfS"'oQ; C [j Qy, ver,- =0^, Q,- oS C (J Qy. 

djeH{di) djeV{di) 

Finally, we denote with is_Peano(A'^,Z,5') the following formula: 

is_Peano(N,Z,S) =m Z G N A bijective(S) Adom(S) = NArange(S) = (N \ {Z}) A (V[;c,3;] G S){xey). 

Notice that range(S) = (N \ {Z}) is equivalent to dom(S^') = (N \ {Z}). In addition, a literal of the 
form X = dom(/) can obviously be expressed by the conjunction (V[y,j'] G /)(x' G x) A ;c C dom(/) . 

Next we show that the formula is_Peano(N, Z, S) is satisfiable and correctly characterizes Peano 
systems, in the sense that if / ^ is_Peano(N, Z, S) for an interpretation /, then (/N,/Z,/S, 71^) is a 
Peano system. Given any interpretation / such that /N = IS = ^q, 17. = 0, and Tl' = %\iur, I \= 
is_Peano(N,Z,S) follows from the very definition of So> so that is_Peano(N,Z,S) is satisfiable. In 
addition, if / |= is_Peano(N,Z,S) for an inteipretation /, it can easily be proved that (/N,/Z,/S, 71^) 
is a Peano system. Indeed [(Pl)| |(P2)[ |(P3)[ and |(P4)| follow readily from the first four conjuncts of 



is_Peano(N,Z,S). Concerning |(P5)[ we proceed by contradiction. Thus, let us assume that there exists 
a proper subset X of /N such that the following holds 

/Z GXA(V«,?i' G/N)((?i GXA7r^(?i,?i') G /S) — >n' (^X) (12) 

and let w be a set in /N \X with minimal rank. We must have u ^ IT, in force of the first conjunct of 
([T2I) . and thus u G range(/S) must hold, as we assumed that / correctly models the conjunct range(S) = 
(N \ {Z}) of the formula is_Peano(N, Z, S). Hence, there must exist a set v such that 7r(v, u) G IS. Since 
/ \= iy[x,y] G S)(x G y), v must have rank strictly less than u, so that v G X must hold, as by assumption 
u has minimal rank in /N \ X. But (fT2l) would yield m G X, which contradicts our initial assumption 
ueIX\N. 

We are now ready to define the formula (pu of 2^"^°"^ intended to express that the domino system 
D = {D,H,V) admits a compatible tiling. This is: 

e e 

(PB =Q^f is_Peano(N,Z,S) Apartition(Qi,...,Q£;N x N) A /\ hor,- A /\ ver,- . 

!=1 !=1 
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Observe that (p^ can be expanded so as to involve only two literals of the form x C dom(/). 

We show next that (pe is satisfiable if and only if the domino system D admits a compatible tiling. 
Let us first assume that q)^ is satisfiable, and let / be a model for (po. Plainly, (/N,/Z,/S, k') is a Peano 
system, as is_Peano(N,Z,S) is a conjunct of 90. In addition, {iQi, . . . ,lQt) partitions /N x/N, since 
/ \= partition(Qi , . . . , Qf, N x N). It remains to prove that the partition (/Qi , . . . ,IQ() is induced by a 
compatible tiling of the domino system D, i.e., that properties |(Dl)| and |(D2)| hold. Thus let u,u' ,v € /N 



such that k'{u,v) € IQi, k'{u',v) G iQj, and k'{u,u') e IS, for some 1 < i,j < I. Plainly 7l'{u',v) G 
I{S^^ o Qi), so that from / |= hor, it follows dj G H{di), proving [(Dl)[ Likewise, let u,v,v' G /N be such 



that n'{u,v) G/Q;, n' {u,v') elQj, and 7r^(v,v') G 75, for some 1 <ij<l. Thus Ti'{u,v') G/(Q,oS), so 
that from I \= ver,- we obtain dj G V{di), proving [(D2)[ 

Conversely, let us suppose that D admits a compatible tiling and let {Ai,. .. ,A() be the induced par- 
titioning of X J/q which satisfies [(b 1) I and [(b2) [ relative to the Peano system Sq = (^j0j=^O)^Kur)- 



We prove that (jPo is satisfied be any interpretation I such that 

K' = %Kur, /N = ^, /Z = 0, /S = ^o, /Q,= A; (for /=!,...,£). 

Plainly, / models correctly is_Peano(N,Z,S). In addition, / \= partition(Qi, . . . , Qf, N x N), as we 
assumed that (/Qi , . . . ) = {A\,. .. ,Af) is a partitioning of /N x /N = jVq x Next we prove that 
/ models coiTcctly the conjuncts hor, of (po, for / = 1, . . . To this purpose, let u, v be any two sets such 
that7r^(M,v) G /(S^^ oQ,), for some 1 <i<£. Then, there must exist a set m' such that 7r^(M',v) G/Q,-,and 
7t'{u',u) G /S = =5^0- Hence n'{u,v) must belong to some Aj = iQj, for I < j <£, such that dj G H{di), 
proving / \= hor,-. Analogously, one can show that / \= ver,, for / = thus proving that I \= (p^ and 

in turn concluding the proof of the theorem. □ 

Because of the large number of set-theoretic constructs expressible in Vqj' the undecidability of 
various other extensions of normahzed Vq 2 -conjunctions easily follows from Theorem[2l 

Corollary 2. The class of normalized \/q 2''^onjunctions extended with two literals of any of the following 
types is undecidable: 

^Crange(/), hQfog^ (13) 
where x,y ^ SVars and f,g,h G MVars. 

Proof. In view of Theorem |2j it is enough to show that any literal of the form x C dom(/) can be ex- 
pressed with normalized Vq 2 -conjunctions extended with one literal of any of the types ([T3] ). Concerning 
the case of literals of the types x C range(/), hCfogit suffices to observe that C dom(/) is equivalent 
to each of the two formulae x C range(/^^) and \d{x) ^ /o/^^, and that map identity \d{x) and map 
inverse /^^ are expressible by Vq 2"forrnul^^' shown in Table [T] 

Finally, concerning literals of the form j C /[jc], it is enough to observe that for every set variable Rf 
distinct from x we have 

• I \= X f^^[Rf] ^ X CI dom(/), for every interpretation /; 

• if / ^ ;c C dom(/), for some interpretation I, then J \=x C f^^[Rf], where J is the {/?/}-variant of 
/ such that JRf = range(//). 

Therefore, a VJ 2^"^°"^ -formula y =Def <p A;c C dom(/) /\y Q dom(g), where (jO is a normalized Vq2- 
conjunction, is equisatisfiable with (p Ax C [Ry] Ay C g^^[Rg], where /?/ and Rg are two fresh distinct 
set variables not occurring in Y- D 
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In the proof of Theorem[T]we provided a reduction of the s.p. for normaUzed Vj2-conjunctions to the 
s.p. for Vq -formulae. Therefore, the undecidability resuhs of Theorem |2] and Corollary |2] hold also for 
the corresponding extensions of -formulae. 

6 Conclusions and plans for future works 

In this paper we presented a quantified sublanguage of set theory, called Vq j, which extends the language 
Vo studied in |{4|| with quantifiers involving ordered pairs. We reduced its satisfiability problem to the 
same problem for formulae of the fragment studied in 10. The resulting decision procedure runs in non- 
deterministic exponential time. However, if one restricts to formulae with quantifier prefixes of length 
bounded by a constant, the decision procedure runs in non-deterministic polynomial time. It turns out 
that such restricted formulae still allow one to express a large number of useful set-theoretic constructs, 
as reported in Table [T] Finally, we also proved that by slightly extending j-formulae with few literals 
(at least two) of any of the types x C dom(/), x C range(/), x C f[y], and h Q f og, one runs into 
undecidability. 

Other extensions of Vqj are to be investigated, in particular those involving the transitive closure of 
maps. Also, the effects of allowing nesting of quantifiers should be further studied, extending the recent 
results HSIITtI to our context. 

In contrast with description logics, the semantics of our language is multi-level, as most of the lan- 
guages studied in the context of Computable Set Theory. This characteristic may play a central role when 
applying set-theoretic languages to knowledge representation, with particular- reference to the metamod- 
eling issue (see ll20l [T5l ). which affects the description logics framework. However, the multi-level 
feature is limited in VJj-foi'mulae, since clauses like f £x, [f,g] G h, with x a set variable and /, g, and h 
map variables, are not expressible in it. In light of this, we intend to investigate extensions of the theory 
Vq 2 which also admit constructs of these forms, and study appUcations of these in the field of knowledge 
representation. 

Finally, we intend to study correlations between our language Vq 2 and Disjunctive Datalog (cf. ifTTI ) 
in order to use some of the machinery already available for the latter to simplify the implementation of 
an optimized satisfiability test for the whole fragment Vq 2, or just for a Horn-like restriction of it. 
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